BloodyAD: Open-source Active Directory privilege escalation framework
BloodyAD is an open-source Active Directory privilege escalation framework that uses specialized LDAP calls to interact with domain controllers. It...
Read more →Category: HelpnetSecurity
74% of CISOs are increasing crisis simulation budgets
In the aftermath of 2024’s high-profile cybersecurity incidents, including NHS, CrowdStrike, 23andMe, Transport for London, and Cencora, CISOs are reassessing...
Read more →
5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)
5,000+ SonicWall firewalls are still vulnerable to attack via a high-severity vulnerability (CVE-2024-53704) that, according to SonicWall, should be considered...
Read more →
AI security posture management will be needed before agentic AI takes hold
As I’m currently knee deep in testing agentic AI in all its forms, as well as new iterations of current...
Read more →
Don’t let these open-source cybersecurity tools slip under your radar
This article showcases free, open-source cybersecurity tools that help you identify and address vulnerabilities, detect intrusion, protect websites from cyber...
Read more →
How to use Apple’s App Privacy Report to monitor data tracking
The App Privacy Report, which Apple introduced in iOS 15.2, allows users to monitor how apps access data and interact...
Read more →
Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 48,000+ internet-facing Fortinet firewalls still...
Read more →
Nearly half of CISOs now report to CEOs, showing their rising influence
The CISO’s rise to the C-suite comes with more engagement with the boardroom, an audience with the CEO, and the...
Read more →
GUI frontends for GnuPG, the free implementation of the OpenPGP standard
GnuPG is a free and comprehensive implementation of the OpenPGP standard. It enables encryption and signing of data and communications,...
Read more →
Deepfakes force a new era in fraud detection, identity verification
The rise in identity fraud over the past two years has significantly impacted all industries, especially finance, banking, fintech, and...
Read more →
New infosec products of the week: January 24, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Bitsight, DataDome, DigitalOcean, Lookout, and...
Read more →
Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw
Cisco has released patches for a critical privilege escalation vulnerability in Meeting Management (CVE-2025-20156) and a heap-based buffer overflow flaw...
Read more →